US6772337B1 - Light weight security for parallel access to multiple mirror sites - Google Patents

Light weight security for parallel access to multiple mirror sites

Publication number
US6772337B1
US6772337B1 US09/436,167 US43616799A US6772337B1 US 6772337 B1 US6772337 B1 US 6772337B1 US 43616799 A US43616799 A US 43616799A US 6772337 B1 US6772337 B1 US 6772337B1
Authority
US
United States
Prior art keywords
file
blocks
message
server
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
US09/436,167
Other languages
English (en)
Inventor
Bulent Yener
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nokia of America Corp
Original Assignee
Lucent Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lucent Technologies Inc
Priority to US09/436,167
Assigned to LUCENT TECHNOLOGIES, INC. Assignment of assignors interest (see document for details). Assignors: YENER, BULENT
Application granted
Publication of US6772337B1
Anticipated expiration
Expired - Fee Related

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/06 Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1001 Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1095 Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30 Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32 Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322 Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329 Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]

Definitions

  • the present application relates generally to a system and method for secured access of information over a computer network and, more particularly, a system and method for accessing information from multiple mirror sites using combinatorial file dispersal and access control protocols to reduce the security overhead associated with information access.
  • a client will select a single server from a plurality of servers and send a request for information.
  • This server selection process is not trivial and two selection methods have been proposed for improving the performance: (1) a static approach based on statistical information (see, e.g., Katz et al., “Spand: Shared Passive Network Performance Discovery,” Proc. of Usenix Symposium on Internet Technologies and Systems '97, December) and (2) a dynamic approach based on probing to determine the “closest” site to direct the request (see, e.g., Carter, et al., “Dynamic Server Selection Using Bandwidth Probing in Wide-Area Networks,” Proc. of IEEE INFOCOM97).
  • the delay associated with downloading a file can be further decreased by polling multiple servers in parallel.
  • this approach has the potential of causing congestion if the servers send back the entire file.
  • mechanisms are needed that allow the servers to send only subsets of packets of the file.
  • One solution would be to have a client instruct each server to send a specific subset of packets to the client. Of course this approach would require negotiations and may not be scalable due to increased security overhead.
  • Another solution is to disperse the file into fixed size pieces at each server in a predetermined way, wherein some redundancy is introduced during the dispersal such that a client can recover the file upon receiving a limited number of pieces.
  • IDA Information Dispersal Algorithm
  • the FEC based methods require cryptographic protection since, as indicated above, any m pieces of the file are sufficient to reconstruct the file.
  • a system and method which provides secured access to information in a network using a dispersal and parallel access paradigm, but which provides reduced security overhead in connection with client access of a file from a plurality of mirror servers, is highly desirable.
  • the present invention is directed to a system and method for providing secured file dispersal and access control protocols based on combinatorial techniques so as to reduce the security overhead associated with information retrieval systems employing parallel access to mirror sites.
  • a system for providing secured access to information on a network comprises a plurality of mirror servers; and at least one trusted authority (TA) server comprising file partition means for partitioning a file into a plurality of elements; combinatorial file dispersal means for permuting the elements of the file and assigning each of the permuted elements to at least one of a plurality of blocks; distribution means for distributing the plurality of blocks to at least a portion of the plurality of mirror servers; and key generation means for generating a combinatorial key comprising access information for accessing the mirror servers having blocks of the file and reconstruction information for reconstructing the file from at least a portion of the plurality of blocks.
  • TA trusted authority
  • a combinatorial dispersal process employs one of a (i) cloning-based process which uses random permutations of file elements, and (ii) Balanced Incomplete Block Design (BIBD)—based process which uses deterministic permutations of file elements.
  • BIBD Balanced Incomplete Block Design
  • the combinatorial dispersal of file elements into a plurality of blocks k provides the properties: (i) no k−1 blocks are sufficient to reconstruct the file and k blocks are needed and (ii) not any k blocks are sufficient to recover the file (i.e., there are only k+1 combinations (configurations) that can reconstruct the file by using k blocks), and (iii) there is no redundancy information within a block.
  • the present invention provides protocols that capitalize on (ii) to reduce the security overhead.
  • the combinatorial file dispersal process includes inserting a random amount of junk elements in each of the blocks to hide the number of file elements assigned to each block.
  • the file blocks are dispersed over a plurality of mirror servers in a combinatorial manner, the probability of an adversary being able to successfully guess a combination of the blocks to reconstruct the file is sufficiently low.
  • an adversary does not know the configurations of the blocks, there is an added security factor which further decreases the probability of an adversary being able to reconstruct a file. Consequently, the servers do not have to perform any authentication and/or authorization process for client access of a file, thereby eliminating the cost and complexity associated with key management and authorization procedures between a client and the mirror sites.
  • FIG. 1 is a diagram of a system for providing secured access to information on a network according to an embodiment of the present invention.
  • FIG. 2 is a flow diagram of a file dispersal process according to one aspect of the present invention.
  • FIG. 3 is an exemplary diagram of a method for permuting file elements according to one aspect of the present invention using a cloning-based process.
  • FIG. 4 is an exemplary diagram of a method for permuting file elements according to another aspect of the present invention using a BIBD (balanced incomplete block design) process.
  • FIG. 5 is a flow diagram of a method for accessing and reconstructing a file according to one aspect of the present invention.
  • FIG. 6 is a flow diagram of a method for accessing and reconstructing a file according to another aspect of the present invention.
  • the systems and methods described herein in accordance with the present invention may be implemented in various forms of hardware, software, firmware, special purpose processors, or a combination thereof.
  • the present invention is implemented in software as an application (local and/or distributed) comprising program instructions that are tangibly embodied on one or more program storage devices (e.g., magnetic floppy disk, RAM, CD ROM, ROM and Flash memory), and executable by any device or machine comprising suitable architecture.
  • FIG. 1 a block diagram illustrates a system for providing secured access to information in a network according to an embodiment of the present invention.
  • the system 10 comprises a network 11 that is partitioned into one or more domains (denoted as D . . . Di) or clusters.
  • Each domain D . . . Di includes a trusted authority (TA) 12 and a plurality of mirror servers 13 .
  • Each domain (cluster) preferably comprises s number of mirror servers 13 (e.g., S1 . . . Ss) and the network 11 comprises a total of S mirror servers 13.
  • the mirror servers 13 are assumed to be trusted entities. It is to be understood that the number of servers s in each domain may be equal or random with some domains having an equal amount of servers, etc.
  • Each TA 12 is considered a cluster leader for its respective domain D . . . Di.
  • Each TA 12 comprises an authentication/authorization module 16 for authenticating the identity of a user upon accessing the TA 12 .
  • the user authentication module 16 may employ any conventional security mechanism (e.g., PIN (personal identification number), password, speaker recognition, digital signature, etc.)
  • each TA 12 is considered to be an “owner” or manager of one or more files f.
  • the TA 12 maintains a directory 17 comprising information such as a file identifier (FID) for each file f in its cluster, a combinatorial key for each file f and a list of the mirror servers 13 that hold blocks of parallel classes (or copies) of the files f (as explained below).
  • FID file identifier
  • it is preferable to limit the amount of information maintained at each TA 12.
  • each TA 12 knows about all the files in the network 11 (i.e., files in other domains that are managed by the respective TAs 12 ). It is to be appreciated, however, that more than one TA 12 may be assigned the responsibility of managing a given file f for reasons understood by those skilled in the art (e.g., to increase fault-tolerance).
  • the directories 17 of all the TAs 12 in the network 11 can be managed by hierarchically organizing the TAs 12 into a virtual tree structure using any conventional method known by those skilled in the art such as the method disclosed in “A Trade-Off Between Space and Efficiency for Routing Tables,” by Peleg et al., Jrn. ACM, pp. 510-530, 1989. Briefly, with this method, the amount of information maintained at each TA 12 depends on its level in the tree. Each node in the tree keeps the topology and file database for the subtree rooted at this node (i.e., the root of the tree knows the global information). Using such information, each TA 12 can perform routing and forwarding operations in a similar way to a gateway (border router) and can filter out messages.
  • Each TA 12 is responsible for partitioning and dispersing the files f (that it manages) to the mirror servers 13 within its domain.
  • each TA 12 comprises a file partition module 18 for partitioning a file f into a set of v elements (e 1 , e 2 , . . . , e v ).
  • the file f can be replicated to make r copies thus resulting in a total number of vr elements.
  • Each element of the file is a logical unit of information.
  • an element of an electronic encyclopedia can be pages that cover topics that start with the letters between A a -A k .
  • each element may be partitioned to correspond to a chapter or a section. It is to be understood that the granularity of the information contained in each element is outside the scope of the present invention and that any conventional partitioning technique known in the art may be implemented in the file partition module 18.
  • Each TA 12 further comprises a combinatorial file dispersal module 19 for permutating elements of a given file and generating blocks 22 (or pieces) of the file elements, which are dispersed to (and stored within) the mirror servers 13 .
  • These blocks 22 may comprise “valid” blocks and/or “junk” blocks.
  • each server may have either a “valid” block (i.e., a piece of the file f that is provided by the TA 12) or a “junk” block if the server has nothing to do with the file f.
  • a junk block may comprise random information and is generated by the server. As discussed below, a junk block is used to confuse an adversary.
  • a server 13 is considered a “holder” if it maintains a valid block of the file f.
  • the combinatorial keys 20 are maintained in the directory 17 of the TA 12 .
  • the system 10 of FIG. 1 further comprises one or more clients 14 (authorized users) and one or more adversaries 15 (unauthorized users). It is assumed that the identity of the servers 13 in the network 11 are not known to the clients 14 and that their knowledge is limited to the address of their respective TAs 12 . For a given file f, a client 21 is considered “honest” if it is not corrupted by an adversary 15 . A client 14 is considered “legitimate” if it has paid for service. It is assumed herein that all legitimate clients 14 are also honest. Furthermore, it is assumed that an honest client does not provide any information regarding a file (or the reconstructed file itself) to any other client (e.g., it is assumed that there is no second hand sale of a given file).
  • a “weak” adversary refers to an adversary that can corrupt other clients 14 for collaboration and initiate replay attacks.
  • a “strong” adversary refers to an adversary that has the capability of eavesdropping on data traffic that flows in and out of any node in the network 11 (as well as the capabilities of the weak adversary). It is assumed that an adversary 15 can corrupt at most d clients 14 . However, the adversary cannot change the set of corrupted clients at each time interval (i.e., it is not mobile).
  • One conventional method for providing synchronization which may be implemented in accordance with the present invention is based on a global referencing structure such as GPS (global positioning system) 21, whereby each node (e.g., servers 13, TA 12, client 21) of the network 11 receives clock ticks from a GPS receiver to synchronize its internal clock. It is assumed that GPS signals are unforgeable. The time between two successive GPS ticks is called a Time Frame (TF). In addition, a time cycle (TC) is defined as a period of time comprising ⁇ TFs.
  • GPS global positioning system
  • a time cycle is long enough to subsume multiple round trip times (RTT) between a server 13 and a client 14 in the network.
  • RTT round trip times
  • Each TC is associated with a monotone increasing sequence number.
  • TS time stamp
  • Time stamps are utilized in connection with the access control protocols of the present invention as described in detail below with reference to, e.g., FIGS. 5 and 6. Therefore, synchronization of the network 11 implies that the sequence numbers for successive TCs are incremented consistently throughout the network.
  • the present invention utilizes a conventional mechanism for client 14 access (i.e., polling) to a server 13 such as an HTTP (hypertext transfer protocol) or FTP (file transfer protocol) connection. It is assumed that each polling message has a fixed cost $c.
  • any suitable conventional charging mechanism for charging clients 14 for file access may be employed herein.
  • One such method is a usage-based charging mechanism associated with accessing the network (such as described in “Internet Cost Allocation and Pricing” by D. Clark, Internet Economics, L. W. McKnight and J. P. Bailey (eds.), pp. 215-252, 1997).
  • a network service provider can identify and charge different user traffic flow (e.g., HTTP or FTP) at the network ingress points.
  • there is a service charge for accessing a file may be done by the owner of the file (e.g., the owner of the multimedia text book).
  • An adversary 15 tries to “guess” the servers 13 that maintain a copy of a file that the adversary wants to access.
  • Each adversary 15 is assumed to be polynomial time-bounded and have a large, but finite, budget $B. It is further assumed that an adversary 15 is not adaptive and it makes d guesses at once (i.e., not one guess at a time). The objective of an adversary 15 is to improperly obtain the file and pay less than the full price of the service (i.e., accessing a file).
  • the file can be replicated to make r copies, thus resulting in a total of vr elements that are dispersed among the servers 13 .
  • Accessing the file requires obtaining at least v elements and providing these elements defines a service which has a certain price. An honest client is willing to pay the price for obtaining the service.
  • QoS quality of service
  • the present invention provides a combinatorial dispersal mechanism which makes the cost of random polling of the servers 13 (e.g., $c for each polling message) to obtain the appropriate amount of blocks for reconstructing the file too expensive for the adversary having the finite budget $B.
  • FIG. 2 a flow diagram illustrates a combinatorial file dispersal process according to one aspect of the present invention. This process is performed by a TA 12 for each file it manages.
  • the flow diagram of FIG. 2 illustrates, in general, two combinatorial file dispersal methods (CFDs) that are preferably implemented herein: (i) a cloning-based dispersal method, and (ii) a BIBD-based dispersal method.
  • CFDs combinatorial file dispersal methods
  • the method of FIG. 2 is generally similar for both combinatorial dispersal methods except with respect to the permutation (step 202 ) of file elements as explained below.
  • the TA 12 will partition the file (via file partition module 18 ) to produce a set of elements (step 200 ).
  • e 1 , e 2 . . . , e v be the set of elements of a given file f.
  • partition methods are well-known in the art and vary based on the given application and file content.
  • the next step is to assign an index to each element v of the partitioned file f (step 201 ). Once the indices are assigned, the indices of the file elements are permuted to reorder the information (step 202 ).
  • the cloning-based process randomly permutes the elements and uses the same random permutation for each copy of the file f.
  • the BIBD-based process employs conventional combinatorial design techniques for deterministically permutating the file elements. This method provides a unique permutation for each copy of the file and maintains well-defined properties between the blocks of different copies. Each of these permutation methods will now be discussed in detail.
  • a cloning-based permutation (step 202 ) and block assignment process ( 203 ) will now be explained in detail with reference to FIG. 3 .
  • the given file f is partitioned into a set of elements e 1 , e 2 . . . , e v , each having a unique index.
  • ⁇ i is a random permutation of the element indices which is used for dispersing an i th copy of the file.
  • the cloning-based dispersal method if the file is replicated to generate r copies, the same permutation ⁇ is used for each copy.
  • a block is considered a one-dimensional array that includes at least v/k elements.
  • parameter k i.e., number of blocks
  • k the choice of parameter k depends on the file size and number of mirror servers 13 in the domain.
  • the number of blocks k=3.
  • the first three indices of the “permutation for each copy” are (0,1,2), which represents the file elements that are assigned to Block 1 .
  • the next three indices of the permutation (3,7,8) represent the file elements that are assigned to Block 2 .
  • the last three indices of the permutation (4,5,6) are assigned to Block 3 .
  • the block design (Block 1 , 2 and 3 ) is the same for each copy of the file f.
  • the blocks associated with a given permutation define a copy of the file.
  • the dispersal of a copy of file f is an assignment of each of the k blocks to k ≤ s mirror servers 13 such that a server obtains at most one block.
  • BIBD Balanced Incomplete Block Designs
  • combinatorial design theory which is well-known by those skilled in the art.
  • a discussion of such theory may be found, for example, in the following references: I. Anderson, “Combinatorial Designs: Construction Methods,” John Wiley & Sons, New York, 1990; M. Hall, “Combinatorial Theory,” John Wiley & Sons, New York, 1986; and W. D. Wallis, “Combinatorial Designs,” Marcel Dekker, Inc., New York, 1988, which are incorporated herein by reference.
  • a BIBD is a collection of k-element subsets (or blocks) of a v-element set S, k < v, such that each pair of elements of set S occur together in exactly λ of the blocks.
  • a BIBD can be represented with parameters (v, k, λ).
  • the present invention preferably utilizes block designs that are resolvable.
  • Resolvable BIBDs used herein have parameters (n^2, n, 1).
  • a BIBD is shown with parameters (9,3,1) together with its parallel classes P 1 , P 2 , P 3 and P 4 .
  • there are standard methods for actual construction of a BIBD based on finite fields.
  • a (13, 4, 1) design can be constructed by 0,1,3,9 (mod 13), PG(2,3).
  • a resolvable design with parameters (9,3,1) can be obtained by deleting a block of the (13, 4, 1) design.
  • Parameter v of a resolvable BIBD is associated with the number of elements in the file while parameter k of the BIBD is the minimum number of pieces (or blocks) necessary to construct the file.
  • each parallel class of a resolvable design provides first a permutation of the indices of the elements and then a packing of them into k blocks, each with k elements.
  • the block design based dispersal method can be perceived as a special case of the cloning method algorithm such that each of the r copies of the file have a unique permutation of the elements such that a pair of blocks from two different copies have exactly one common element. For instance, as illustrated in FIG. 4, blocks B 0 , B 3 and B 8 and B 10 (the first block in each copy) have the common element associated with index 0. In contrast, the cloning method ensures that some pair of inter-copy blocks have empty intersection. If the intersection is not empty, then the cardinality is at least k. It is to be understood that the terms parallel class (PC) and a copy of the file are used herein interchangeably.
  • PC parallel class
  • a BIBD-based CFD algorithm breaks a file with n^2 elements into n^2+n pieces such that (i) any n−1 pieces are not sufficient for reconstruction and (ii) there are exactly n+1 ways for reconstruction by using only n pieces. The reason for this is as follows.
  • n^2 pieces are needed for reconstructing the file.
  • the number of elements and the number of pieces are made independent from each other.
  • the number of elements can be arbitrarily increased by increasing the size of the block for a given resolvable design.
  • several block designs can be merged for scaling of BIBDs to achieve networks of arbitrary size such as explained in “Combinatorial Design of Congestion-Free Networks,” by B. Yener, et al., IEEE/ACM Transactions on Networking, 5(6):989-1000, December 1997, which is incorporated herein by reference.
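
The reconstruction properties stated for the BIBD-based dispersal can be checked directly for the (9,3,1) case. The Python below is an added example, not part of the patent text: it builds the design as the affine plane over GF(n) for prime n (one standard finite-field construction, chosen here as an assumption), and all function names are illustrative.

```python
from itertools import combinations
from math import comb


def parallel_classes(n):
    """Resolvable (n^2, n, 1) design from the affine plane over GF(n), n prime.

    Point (x, y) stands for file-element index x*n + y. Each slope yields one
    parallel class (one permuted copy of the file) made of n disjoint blocks.
    """
    classes = []
    for m in range(n):  # lines y = m*x + c, one class per slope m
        classes.append([frozenset(x * n + (m * x + c) % n for x in range(n))
                        for c in range(n)])
    # vertical lines x = c form the last class
    classes.append([frozenset(c * n + y for y in range(n)) for c in range(n)])
    return classes


def pair_multiplicities(classes, n):
    """Set of values: in how many blocks does each pair of elements co-occur."""
    blocks = [b for pc in classes for b in pc]
    return {sum(1 for b in blocks if {i, j} <= b)
            for i, j in combinations(range(n * n), 2)}


def cross_class_overlaps(classes):
    """Intersection sizes between blocks taken from two different copies."""
    return {len(a & b)
            for pc1, pc2 in combinations(classes, 2)
            for a in pc1 for b in pc2}


def reconstructing_sets(classes, n, size):
    """Every combination of `size` blocks whose union is the whole file."""
    blocks = [b for pc in classes for b in pc]
    everything = frozenset(range(n * n))
    return [combo for combo in combinations(blocks, size)
            if frozenset().union(*combo) == everything]


def blind_guess_probability(n, servers):
    """Chance that one blind pick of n servers yields a complete copy.

    Assumption of this example: each of the n^2 + n blocks sits on its own
    server and every other server answers with a junk block.
    """
    return (n + 1) / comb(servers, n)


if __name__ == "__main__":
    n = 3
    pcs = parallel_classes(n)
    for i, pc in enumerate(pcs, 1):
        print(f"P{i}:", [sorted(b) for b in pc])
    print("lambda values:", pair_multiplicities(pcs, n))
    print("inter-copy overlaps:", cross_class_overlaps(pcs))
    print("2-block reconstructions:", len(reconstructing_sets(pcs, n, 2)))
    print("3-block reconstructions:", len(reconstructing_sets(pcs, n, 3)),
          "of", comb(n * n + n, n))
    print("blind guess, 30 servers:", blind_guess_probability(n, 30))
```

Only the n+1 parallel classes themselves reconstruct the file, so the count of valid n-block combinations stays fixed while the number of possible guesses grows with the number of servers polled.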
  • the next step is to distribute the elements of the file into corresponding blocks (step 204 ) in accordance with the index assignment.
  • the block size and the offset of each valid element can be hidden within each block by inserting “junk elements” randomly in each block (step 205 ). It is to be understood that this may be performed to enhance security against a strong adversary which, as indicated above, has the capability of eavesdropping and corrupting clients.
  • a random number of “junk” elements are inserted in each block. The objective of junk elements is to confuse the adversary.
  • a junk element should be indistinguishable from the actual file contents, and contain “false” information. For instance, assuming that a file element in a given block is a paragraph starting with the sentence: Bob saw Alice running to the car to double park . . . . A junk element can be constructed by changing the sentences and rearranging the words randomly. In a digital movie, a junk element may be generated by randomly changing the order of clips.
  • Block 1 of FIG. 3 includes elements of the file in locations (offsets) 3 , 6 , and 10 . It is to be appreciated that (as shown in FIG. 3) each block has a different size. It is to be appreciated that such property (different block sizes with junk elements) is another aspect of the invention which provides added security against attack by a strong adversary.
  • “junk block” and “junk element” as used herein.
  • a “junk block” is sent by a non-holder server as a response to a polling message whereas a “junk element” is used to modify a valid block which is sent by a “holder” server.
  • the permutation and packing of the indices provides the information needed to generate a combinatorial key (step 206 ) for dispersal and construction of each copy of the file.
  • a combinatorial key for file based on the illustrated block design is shown as follows:
  • the combinatorial key comprises information such as (1) a FID (file identifier), (2) the number of elements for the file (which is 9 in the example), (3) the server address (e.g., IP (Internet protocol)) of each mirror server 13, and (4) the index and offset of each file element in the block held by the corresponding mirror server.
  • the combinatorial key of FIG. 3 indicates that a first server (server address) holds a block (e.g. Block 1 ) of the file specified by FID such that the block contains element 0 at offset location 3 , element 1 at offset location 6 and element 2 at offset location 10 in the block.
  • the TA can utilize a secret key to encrypt the block. This secret key can subsequently be provided to the client to decrypt the blocks.
  • An advantage to using the secret key to hide the size and content of the blocks is to decrease the bandwidth associated with sending junk information.
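
The cloning-based dispersal, junk-element insertion and combinatorial key described above fit together as in the following Python sketch. It is an added example, not code from the patent: the key layout (a dict with `fid`, `num_elements`, `blocks`), the function names, the server addresses and the sample elements are all constructed for illustration.

```python
import random


def make_junk(real_element, rng):
    """Junk element built as the text suggests: a real element's words, reordered."""
    words = real_element.split()
    rng.shuffle(words)
    return " ".join(words)


def disperse(fid, elements, servers, rng, max_junk=3):
    """Cloning-style dispersal of one copy: permute indices, pack into one
    block per server, hide size and offsets with a random amount of junk."""
    k, v = len(servers), len(elements)
    perm = list(range(v))
    rng.shuffle(perm)  # the same permutation would be reused for every copy
    per_block = v // k
    blocks, entries = {}, []
    for b, addr in enumerate(servers):
        start = b * per_block
        idxs = perm[start:] if b == k - 1 else perm[start:start + per_block]
        total = len(idxs) + rng.randint(1, max_junk)
        offsets = sorted(rng.sample(range(total), len(idxs)))
        block = [make_junk(rng.choice(elements), rng) for _ in range(total)]
        for idx, off in zip(idxs, offsets):
            block[off] = elements[idx]  # valid element at its secret offset
        blocks[addr] = block
        entries.append({"server": addr, "elements": list(zip(idxs, offsets))})
    key = {"fid": fid, "num_elements": v, "blocks": entries}
    return blocks, key


def reconstruct(key, fetch):
    """Rebuild the file from polled blocks using the combinatorial key.
    `fetch(addr)` stands in for polling the mirror server at `addr`."""
    out = [None] * key["num_elements"]
    for entry in key["blocks"]:
        block = fetch(entry["server"])
        for idx, off in entry["elements"]:
            out[idx] = block[off]
    if any(e is None for e in out):
        raise ValueError("key does not cover every element of the file")
    return out


def demo():
    rng = random.Random(7)
    # Constructed sample data: 9 elements, 3 mirror servers (TEST-NET-1 addresses).
    elements = [f"element {i} holds constructed sample text number {i}"
                for i in range(9)]
    servers = ["192.0.2.11", "192.0.2.12", "192.0.2.13"]
    blocks, key = disperse("FID-EXAMPLE", elements, servers, rng)
    rebuilt = reconstruct(key, blocks.__getitem__)
    return elements, servers, blocks, key, rebuilt


if __name__ == "__main__":
    elements, servers, blocks, key, rebuilt = demo()
    for entry in key["blocks"]:
        print(entry["server"], "block length", len(blocks[entry["server"]]),
              "(index, offset):", entry["elements"])
    print("reconstructed correctly:", rebuilt == elements)
```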
  • the TA 12 will distribute the blocks to the mirror servers 13 (step 207 ).
  • a TA 12 will distribute the blocks by communicating a download message (LOAD) to each server.
  • the LOAD message is secured against a strong adversary using a public key of the server.
  • any suitable conventional method may be used to distribute the blocks to the appropriate mirror servers.
  • the process for distributing the file to mirror sites is a variant of the well-known conventional NP hard problem as discussed in “ Computers and Intractability—A Guide to the Theory of NP - Completeness ,” by M. R. Garey, et al., page 9, W. H. Freeman and Company, New York, 1979, which is incorporated herein by reference.
  • a client can access the blocks from the mirror servers and reconstruct the file using the appropriate combinatorial key.
  • FIG. 5 a flow diagram illustrates a method for accessing and reconstructing a file according to one aspect of the present invention.
  • the communication between a client 14 and its TA 12 involves the exchange of a request (REQ) message (by the client 14 ) and a confirmation (CONF) message (by the TA 12 ).
  • a client 14 seeking access to a given file will, initially, send a REQ message to its TA (step 500 ).
  • a REQ message according to one aspect of the present invention comprises information in the following form:
  • Address (C) is the IP address of the client
  • K c is the public key of the client
  • FileName is the name of the requested file
  • PaymentInfo is payment (e.g., credit card) information. It is assumed that the client knows the name and the price of the file which, indeed, is typically advertised in network.
  • the TA After the TA receives the REQ message, the TA will determine if the requested file is one that is managed by the TA (step 501 ) (i.e., if the file is within the domain of the TA). In particular, based on the FileName in the REQ message, the TA will search its directory using the corresponding FID as a key. As explained above, each TA behaves as a domain(cluster) leader and manages each file in its domain by maintaining a directory with the following information: (1) file identifier (FID), (2) combinatorial key for the file (3) list of servers holding the blocks of the parallel class. Since not every domain has a copy of each file, a TA may need to poll other TAs to obtain a file that is not within the domain of the TA.
  • Upon receiving a REQ message, the TA checks its directory to determine if the file is within its domain (cluster) (step 501). If the requested file is within the domain of the TA (affirmative result in step 501) (i.e., the TA manages the file), the TA will obtain from its directory the (previously generated) combinatorial key corresponding to the requested file (step 502). If, on the other hand, the requested file is not within the domain of the TA (negative result in step 501) (i.e., the request is for a remote file), then the TA forwards the request hierarchically to other TAs in the network (step 503).
  • the remote TA responsible for managing the requested file will send the corresponding combinatorial key and list of servers to the forwarding TA (step 504).
  • the communication between the TAs is assumed to be secure.
  • a time stamp (TS) (step 505), which, as explained above, is the sequence number of a next time cycle (TC).
  • TC is a certain period of time comprising a predefined number of time frames TF of successive clock ticks by a GPS clock on the synchronized network.
  • the TS is used for preventing replay attacks and as a threshold time for allowing the client to access the servers.
  • the TA will then generate and transmit a CONF message to the requesting client (step 506).
  • a CONF message comprises the TS (generated by the TA) and the combinatorial key of the requested file.
  • both the REQ and CONF messages can be transmitted in clear text (i.e., not encrypted).
  • a POLL message comprises the FID of the requested file, the client's return IP address, and the TS provided by the TA in the CONF message.
  • Upon receiving the POLL message, each server will make a determination as to whether the POLL message was sent in the TC (time cycle) specified by the TS (time stamp) in the CONF message from the TA (step 508).
  • the client will have to make a new request to its TA (return to step 500).
  • each server will transmit a REP message to the client (step 509) to reply to the polling request by the client.
  • the REP from a given server comprises either a “false” reply (e.g., send a junk block) if the server is not a “holder” of a valid block of the file or, if the server is a holder, a valid block associated with the FID in the POLL message.
  • a mirror server will always return a REP message in response to a client POLL.
  • mirror site servers do not have to perform any authorization and authentication check on client POLLs. It is to be further appreciated that both the POLL and REP messages can be sent in the clear (not encrypted) without compromising security as against both weak and strong adversaries (the security issues are discussed in detail below).
  • each block comprises two components: “valid” data which is composed of k elements of the file; and a random number of “false” or “junk” elements.
  • the length of the junk part is chosen uniformly randomly between k and g(k).
  • the combinatorial key specifies the information for reconstruction: (1) the value of k, (2) how the junk and valid elements are mixed together, and (3) what the indices of valid elements in a block are.
  • reconstruction of a file at the client has two passes. First, each block is processed to strip out the junk. Then the valid elements are sorted based on the combinatorial key.
  • state information in a server can be represented by a lookup table (TBL) which has an entry for each FID that the server is involved with.
  • each server periodically updates its lookup table by changing (permuting) the index of each entry at the beginning of each time cycle TC.
  • this permutation is performed using a function ⁇ : TBL, TC i ⁇ TCi which takes the lookup table TBL and the current time cycle TC i and maps it to a new ordering of the entries.
  • this permutation process can defend against replay attack (as discussed below).
  • FIG. 6 a flow diagram illustrates a method for accessing and reconstructing a file according to another aspect of the present invention.
  • the client does not query the servers (i.e., send a POLL message) for the blocks, but rather the TA sends a FWD message to the servers requesting delivery of the file blocks to the client.
  • the client will send a REQ message to its TA to access a file (step 600).
  • the description of steps 600-606 is similar to that discussed above for steps 500-506 of FIG. 5 and, thus, will not be reiterated.
  • a FWD message comprises (1) the address of the requesting client, (2) the FID of the requested file, and (3) a TS (generated in step 605). It is to be appreciated that the FWD message may be transmitted in clear text without compromising security as against both adversary models (weak and strong).
  • Upon receiving the FWD message, each server will transmit a REP message to the address of the client as indicated in the FWD message (step 608).
  • Each REP message sent by the servers comprises file blocks associated with the FID passed by the TA in the FWD message (without the client explicitly requesting the blocks), the timestamp received by the TA in the FWD message, and an address of the mirror server. It is to be appreciated that the REP message may be transmitted in clear text to the client without compromising security.
  • Upon receiving the REP messages from the servers, the client will match the server address in each REP message to the server list (in the combinatorial key) provided by the CONF message to determine if the REP messages are received from servers in the list. If the server address of a given REP message does not match a server address in the list (negative result in step 609), the REP message will be ignored or otherwise deleted (step 610). In addition, the client will compare the TS of each REP message with the TS sent to the client by the TA in the CONF message (step 611). If the TS of a given REP message does not match the TA's TS (negative result in step 612), the REP message will be ignored or otherwise deleted (step 610). Otherwise, each REP message having a valid TS and server address will be accepted (step 612). The client will then reconstruct the file from the blocks contained in the accepted REP messages (step 613) as explained above with respect to step 510 of FIG. 5.
  • K_TA, K_S and K_C refer, respectively, to the public key of a TA, a server S, and a client, and CK refers to a combinatorial key.
  • the present invention offers security against weak adversaries.
  • the probability of obtaining the blocks of a file if an adversary can POLL any server in any cluster. It is assumed that the weak adversary can corrupt and collaborate with d ⁇ k nodes. Thus, the adversary has the power to POLL d servers in parallel.
  • there are S servers in the network and kr blocks of the file are dispersed over them.
  • C(S,kr) ways of choosing kr servers from the total of S without replacement are also known the first line of security provided by the present invention is due to the low probability of the adversary successfully selecting the servers that have valid blocks of a given file.
  • each green ball corresponds to a set of blocks with cardinality d ⁇ k that includes all the blocks of a copy of the file.
  • d k so that each ball contains k blocks.
  • C(K,y) is the number of ways of selecting y green balls among K green balls
  • C(M ⁇ K, x ⁇ y) is the number of ways of selecting x ⁇ y red balls
  • C(M,x) is the number of ways of selecting x balls out of M.
  • the combinatorial security offered by the present invention can advantageously be provided by increasing the number of blocks of the file without the need for any encryption overhead.
  • replay attacks may be averted by periodically permuting the indices of the lookup table at a server.
  • the server will substitute the TS i in place of TC i and then use a function ⁇ : FID, TC i , ⁇ I FID to compute the index of the FID in the ⁇ TC i of the lookup table.
  • the TA periodically sends temporary session keys to each server that it manages.
  • the CONF message should include the current key that the server will use to encrypt the REP message.
  • the client will use the session key to decrypt the REP message and encrypt the POLL message.
  • An advantage of the present invention is that the permutation based approach eliminates the need for any key distribution between servers and the TA. Servers can provide security by performing only local operations.
  • the encrypted CONF is the only message that carries the combinatorial key
  • two lines of defense are provided against the strong adversary.
  • the first line of defense is that the adversary has to identify the junk elements from the valid elements without having the combinatorial key.
  • the adversary must still determine the permutation n associated with that copy to construct the information which has excessive cost O(
  • the present invention can capitalize on the budget constraint of the adversary by assuming that the adversary does not know in advance which links to listen to (eavesdrop on).
  • the cost of eavesdropping on a link is $c and that the budget of an adversary is $B. Since the number of clients is expected to be larger than the number of servers, the adversary may choose to eavesdrop only on the links of the servers.
  • be the minimum degree of a server (i.e., number of links adjacent to the server) in the cluster. Then choosing c and s such that c ⁇ s ⁇ 2B ensures that the adversary cannot eavesdrop on all the links of all the servers. Thus, the adversary must choose a subset of the servers without replacement.
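The block layout (k valid elements mixed with junk), the combinatorial key, and the client-side REP checks of FIG. 6 (steps 609 to 613), as an added Python example that is not code from the patent. The key layout (`BlockKey`, `CombinatorialKey`), the bound g(k) = 2k, byte-sized elements, dict-shaped REP messages and the first-REP-wins policy are assumptions made for the illustration; all sample data is constructed.

```python
import random
from dataclasses import dataclass


@dataclass(frozen=True)
class BlockKey:
    server: str        # mirror server that holds this block
    valid_idx: tuple   # offsets of the valid elements inside the block
    file_pos: tuple    # file offset each valid element belongs to


@dataclass(frozen=True)
class CombinatorialKey:
    k: int
    blocks: tuple      # one BlockKey per valid block (also the server list)


def g(k):
    """Upper bound on the junk length; g(k) = 2k is an assumption."""
    return 2 * k


def disperse(data, k, servers, rng):
    """Split data into blocks of up to k valid elements mixed with junk."""
    positions = list(range(len(data)))
    rng.shuffle(positions)                        # elements are scattered
    groups = [positions[i:i + k] for i in range(0, len(positions), k)]
    if len(groups) > len(servers):
        raise ValueError("not enough servers for one block each")
    stored, entries = {}, []
    for server, file_pos in zip(rng.sample(servers, len(groups)), groups):
        total = len(file_pos) + rng.randint(k, g(k))   # junk length in [k, g(k)]
        valid_idx = sorted(rng.sample(range(total), len(file_pos)))
        block = bytearray(rng.randrange(256) for _ in range(total))
        for slot, pos in zip(valid_idx, file_pos):
            block[slot] = data[pos]
        stored[server] = bytes(block)
        entries.append(BlockKey(server, tuple(valid_idx), tuple(file_pos)))
    return CombinatorialKey(k, tuple(entries)), stored


def accept_reps(reps, key, conf_ts):
    """Keep only REPs from listed servers that carry the TS of the CONF."""
    listed = {b.server for b in key.blocks}
    accepted = {}
    for rep in reps:
        if rep["server"] not in listed:           # steps 609/610
            continue
        if rep["ts"] != conf_ts:                  # steps 611/610
            continue
        accepted.setdefault(rep["server"], rep["block"])   # first REP wins
    return accepted


def reconstruct(accepted, key):
    """Two passes: strip the junk from each block, then order the elements."""
    missing = [b.server for b in key.blocks if b.server not in accepted]
    if missing:
        raise ValueError("no accepted REP from: %s" % ", ".join(missing))
    stripped = {}
    for b in key.blocks:                          # pass 1: strip junk
        block = accepted[b.server]
        if b.valid_idx and b.valid_idx[-1] >= len(block):
            raise ValueError("block from %s is too short" % b.server)
        stripped[b.server] = [block[i] for i in b.valid_idx]
    out = bytearray(sum(len(b.file_pos) for b in key.blocks))
    for b in key.blocks:                          # pass 2: place by key
        for value, pos in zip(stripped[b.server], b.file_pos):
            out[pos] = value
    return bytes(out)


def demo():
    rng = random.Random(1999)
    data = b"mirror-site payload, constructed sample"
    servers = ["10.0.0.%d" % i for i in range(1, 13)]
    key, stored = disperse(data, 8, servers, rng)
    conf_ts = 42
    holder = key.blocks[0].server
    reps = [{"server": holder, "ts": conf_ts - 1, "block": b"\x00" * 24},   # stale TS
            {"server": "192.0.2.77", "ts": conf_ts, "block": b"\x00" * 24}]  # not listed
    for s in servers:                             # non-holders answer with junk
        junk = bytes(rng.randrange(256) for _ in range(16))
        reps.append({"server": s, "ts": conf_ts, "block": stored.get(s, junk)})
    accepted = accept_reps(reps, key, conf_ts)
    return data, key, stored, accepted, reconstruct(accepted, key)


if __name__ == "__main__":
    data, key, stored, accepted, rebuilt = demo()
    print(len(key.blocks), "blocks accepted, match:", rebuilt == data)
```

The two checks compare only the server address and the TS, so they decide which REPs are used, not whether the bytes inside an accepted block are the ones the server stored.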
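The weak-adversary counting argument above (C(K,y), C(M−K, x−y), C(M,x)) worked through in Python, as an added example that is not part of the patent. It assumes a simplified model: r copies of the file, each held as k blocks on k distinct servers, all kr holders distinct among S servers, and an adversary who polls d servers chosen uniformly without replacement; the function names are hypothetical.

```python
from fractions import Fraction
from itertools import combinations
from math import comb


def p_draw(M, K, x, y):
    """Chance of exactly y green balls when x of M balls are drawn, K green.

    Built from the three counts named in the text:
    C(K, y) * C(M - K, x - y) / C(M, x).
    """
    if not (0 <= y <= min(K, x) and 0 <= x - y <= M - K):
        return Fraction(0)
    return Fraction(comb(K, y) * comb(M - K, x - y), comb(M, x))


def p_full_copy(S, k, r, d):
    """Chance that d polled servers include all k holders of some copy.

    Inclusion-exclusion over the r copies: j specific copies are fully
    covered in C(S - j*k, d - j*k) of the C(S, d) possible polls.
    """
    if k * r > S or d > S:
        raise ValueError("need k*r <= S and d <= S")
    hits = 0
    for j in range(1, r + 1):
        if j * k > d:
            break
        hits += (-1) ** (j + 1) * comb(r, j) * comb(S - j * k, d - j * k)
    return Fraction(hits, comb(S, d))


def brute_force(S, k, r, d):
    """Same probability by enumerating every poll; small parameters only."""
    copies = [set(range(i * k, (i + 1) * k)) for i in range(r)]
    polls = list(combinations(range(S), d))
    wins = sum(any(c <= set(p) for c in copies) for p in polls)
    return Fraction(wins, len(polls))


def sweep(k, r, d, server_counts):
    """Probability of a full copy as the number of servers S grows."""
    return [(S, float(p_full_copy(S, k, r, d))) for S in server_counts]


if __name__ == "__main__":
    print("exact vs enumerated:", p_full_copy(8, 2, 2, 4), brute_force(8, 2, 2, 4))
    for S, p in sweep(k=10, r=3, d=20, server_counts=[50, 100, 200, 400]):
        print("S=%4d  P(full copy) = %.3e" % (S, p))
```

With one copy (r = 1) the result reduces to the single hypergeometric term `p_draw(S, k, d, k)`.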
US09/436,167 1999-11-09 1999-11-09 Light weight security for parallel access to multiple mirror sites Expired - Fee Related US6772337B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US09/436,167 US6772337B1 (en) 1999-11-09 1999-11-09 Light weight security for parallel access to multiple mirror sites

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US09/436,167 US6772337B1 (en) 1999-11-09 1999-11-09 Light weight security for parallel access to multiple mirror sites

Publications (1)

Publication Number Publication Date
US6772337B1 true US6772337B1 (en) 2004-08-03

Family

ID=32771740

Family Applications (1)

Application Number Title Priority Date Filing Date
US09/436,167 Expired - Fee Related US6772337B1 (en) 1999-11-09 1999-11-09 Light weight security for parallel access to multiple mirror sites

Country Status (1)

Country Link
US (1) US6772337B1 (US06772337-20040803-M00002.png)

Legal Events

Date Code Title Description
AS Assignment

Owner name: LUCENT TECHNOLOGIES, INC., NEW JERSEY

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:YENER, BULENT;REEL/FRAME:010383/0683

Effective date: 19991105

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

REMI Maintenance fee reminder mailed
LAPS Lapse for failure to pay maintenance fees
STCH Information on status: patent discontinuation

Free format text: PATENT EXPIRED DUE TO NONPAYMENT OF MAINTENANCE FEES UNDER 37 CFR 1.362

FP Lapsed due to failure to pay maintenance fee

Effective date: 20080803